darkreading

Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power plant.

Remote monitoring and management (RMM) software offers hackers multiple benefits, including stealth, persistence, and operational efficiency.

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.

The GS7 cyber-threat group targets US financial institutions with near-perfect imitations of corporate portals to steal credentials and gain remote access.

30 copycat apps tricked users, and Google itself, into thinking they're legitimate AI tools.

Zscaler's acquisition of SquareX comes as competitors like CrowdStrike and Palo Alto Networks also invest in secure browser technologies.

Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes in targeted networks, and there may be no easy fixes in sight.

Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors' networks.

As AI deployments scale and start to include packs of agents autonomously working in concert, organizations face a naturally amplified attack surface.

It's time to phase out the "patch and pray" approach, eliminate needless public interfaces, and enforce authentication controls, one expert says.

The AI-powered product delivers expert-grade malware analysis and reverse engineering in minutes.

Drawing on years of adversary tradecraft, SpecterOps experts work alongside customers to analyze and eliminate attack paths, protect critical assets, and stay ahead of emerging threats.

Men should take extra care on Valentine’s Day because they are nearly twice as likely as women to fall victim to romance scams.

Microsoft uncovered AI recommendation poisoning in 31 companies across 14 industries, and turnkey tools make it trivially easy to pull off.

Green Blood Group steals personal records and biometric data of the West African nation's nearly 20 million residents.

In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix.

CISOs should focus on harnessing and securing AI and building new skills among their people. Vision and change management can transform security.

How a platform engineering team embeds supply chain security into infrastructure without slowing developers.

Organizations remain reluctant to address the fact that AI can dangerously expose business operations as well as personal data.

Organizations can improve their climate footprints by optimizing two specific cybersecurity protections, without incurring added risks.